Wednesday, August 21, 2013

PC Security - Themed Ransomware (Advisory)

I added a picture below [fake] of a ransomware screen for you to see what is typical of what some customers have gotten lately. Believe me, many people have been 'taken in' by these [fake] warning screens (infected PCs). The wording may change, it will look "official" and the screens may advise you to go to a local store and purchase cash transfers to pay the fine [fake] ...some will claim pornography was detected, or that music was downloaded illegally...lots of variations. Also, beware of a similar scam that puts a fake warning screen on your desktop advising you that your PC is infected or has severe technical issues and asks you to click for assistance. It is a double-scam. The folks on the other end of the phone will, for a relatively small fee ($20 or so..., 1st getting your credit card or debit card, of course), ask you to give them permission to connect into your PC. They will, and it will appear that they are fixing things; however, invariably the 'tech support' will tell you that they found additional problems that require a higher level of assistance, then they try to bilk you out of 'serious' money. Sometimes, if you refuse and try to disconnect, after they have been inside it, your PC may or may not reboot! Often, to get rid of these fake popups, you can reboot into the safe mode (using your PC's top row F8 function key as your PC reboots). Once in the safe mode, run several infection detection/removers. I have some free ones linked to from the top of my http://harrold.org/cleanmypc.html -- rfh

From: jrp Sent: Tuesday, July 30, 2013 Subject: Recent Reports of DHS-Themed Ransomware (UPDATE)
Thought you might be able to use the information in this newsletter. I subscribe to several newsletters from the US Gov and they have been very helpful in the past. Along with several other websites (www.bleepingcomputer.com being one) you can reasonably manage staying educated about the threats that continue to show up and learn how to protect yourself from them. Stay safe, Bob P.
From: US-CERT [mailto:US-CERT@public.govdelivery.com] Sent: Tuesday, July 30, 2013 1:29 PM To: Subject: Recent Reports of DHS-Themed Ransomware (UPDATE)
National Cyber Awareness System:
07/30/2013 10:57 AM EDT
Original release date: July 30, 2013
     US-CERT has received reports of increased activity concerning an apparently DHS-themed ransomware malware infection occurring in the wild. Users who are being targeted by the ransomware receive a message claiming that use of their computer has been suspended and that the user must pay a fine to unblock it. One iteration of this malware also takes a webcam (if available) photo or video of a recipient and posts it in a pop-up to add to the appearance of legitimacy. The ransomware falsely claims to be from the U.S. Department of Homeland Security and the National Cyber Security Division.
     Users who are infected with the malware should consult with a reputable security expert to assist in removing the malware, or perform a clean reinstallation of their OS after formatting their computer's hard drive.
US-CERT and DHS encourage users and administrators not to pay the perpetrators and to report the incident to the FBI at the Internet Crime Complaint Center (IC3).
     Use caution when encountering these types of email messages and take the following preventive measures to protect yourself from phishing scams and malware campaigns that attempt to frighten and deceive a recipient for the purpose of illegal gain.
  • Do not click on or submit any information to webpages.
  • Do not follow unsolicited web links in email messages.
  • Use caution when opening email attachments. Refer to the Security Tip Using Caution with Email Attachments for more information on safely handling email attachments.
  • Maintain up-to-date antivirus software.
  • Users who are infected should change all passwords AFTER removing the malware from their system.
  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
  • Refer to the Security Tip Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

This product is provided subject to this Notification and this Privacy & Use policy.
